A sophisticated phishing campaign has recently shifted its focus to target Mac users, demonstrating the evolving nature of cyber threats in response to improved security measures. The security team observed a drastic 90% drop in Windows-targeted attacks following the implementation of new “anti-scareware” features in Edge, Chrome, and Firefox browsers, prompting attackers to redirect their efforts toward Mac users who weren’t covered by these protections. The attack, which previously targeted Windows users by masquerading as Microsoft security alerts, now employs similar tactics against the Apple ecosystem. “This attack campaign underscores two critical points: Mac and Safari users are now prime targets, and cybercriminals are highly adaptable,” noted the LayerX research team. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The attack follows a familiar pattern where compromised websites display fake security warnings, claiming that the user’s system has been compromised. Despite enterprise security measures, the attack has successfully bypassed conventional defenses, highlighting the need for advanced browser-level security solutions that can analyze web page behavior in real-time. These pages then redirect users to the phishing sites hosted on Microsoft’s Windows.net platform, lending an appearance of legitimacy to the attack. The phishing pages have been redesigned to appear authentic to Mac users, with code adjustments specifically targeting macOS and Safari users by leveraging HTTP OS and user agent parameters. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Tushar is a Cyber security content editor with a passion for creating captivating and informative content. This campaign aims to steal user credentials by creating convincing illusions that victims’ computers have been compromised and subsequently locked. The infection process begins when victims attempt to access legitimate websites but mistakenly enter typos in URLs, leading them to compromised domain parking pages.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 25 Mar 2025 13:15:07 +0000